Don't want to get hacked? Update your Java and Adobe Reader!

I've been playing World of Warcraft since release. I've always been careful of my account. I don't visit dodgy sites.

I however have been hacked. Yes, it was my own fault. My own dumb fault. The most scary part was the "hacker" bypassing my Mobile Authenticator. Ouch! However, instead of complaining about it, I'd like to take this opportunity to warn people not to make the same mistake as I did.

I fell victim to a trojan-type keylogger. I contacted Blizzard immediately, and got lucky with the support tech on the other line. She was quite a genious about this. She looked into my account, did some in-depth checking and concluded that I was caught by a trojan spread to people through various means. The way I got this was by being exploited through an old version of Java and/or Adobe Reader.

I installed a few anti-virus/malware/spyware programs and found 4 traces of Trojans on my pc. I regret to inform you that I can't remember what the name was of the trojan, but I did my research on it. It spreads through outdated java/adobe reader, and is dangerous on a severe level.

Long story short: This would never have happened if I updated my Java and/or Adobe Reader. Hackers are known to exploit certain vulnerabitilies within these applications. I never thought it'd happen to me, but it did.

Thanks to Blizzard's fast responsivity (is that even a word?) though, I was able to secure my account. I got rid of the trojan, and am back in action.

Again, I'm not trying to complain. Being hacked is NEVER Blizzard's fault (except for extreme rare occassions, but you'd more likely get hit by a meteorite than to get hacked because of Blizzard).

When you say bypassed your mobile authenticator do you mean you have an app on your phone that generates codes and they somehow bypassed it?

What he means is that you pissed off someone enough to want to specifically target your system with a man in the middle attack after totally taking over your OS through a remote exploit via Java. Then you respond to your modified WoW client when it asks for your authenticator code twice and the person on the other end uses those two sequential codes to remove your authenticator from your account.

It is by caffeine alone I set my mind in motion. It is by the beans of Java that thoughts acquire speed, the hands acquire shakes, the shakes become a warning.

Why did you not have any anti-spyware or anti-virus software on your computer to begin with :/? If you had such software it would flag and most likely delete those Trojans as soon as they set for on your hdd

Originally Posted by Runecapeman

I try not to post anywhere anymore, due to fear of being infracted. Feels like there are too many mods that aren't screened well enough. "Dirty cops" if you will.